<?php
/**
 * Static content controller.
 *
 * This file will render views from views/pages/
 *
 * PHP 5
 *
 * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
 * Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
 *
 * Licensed under The MIT License
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright     Copyright 2005-2011, Cake Software Foundation, Inc. (http://cakefoundation.org)
 * @link          http://cakephp.org CakePHP(tm) Project
 * @package       app.Controller
 * @since         CakePHP(tm) v 0.2.9
 * @license       MIT License (http://www.opensource.org/licenses/mit-license.php)
 */

App::uses('AppController', 'Controller');

class UsersController extends AppController {
	public $name = 'Users';
	public function beforeFilter() {
		parent::beforeFilter();
		$this->Auth->allow('create');
	}
	
	public function isAuthorized($user) {
		if (in_array($user['role'], array('admin', 'superAdmin'))) {
			if (in_array($this->action, array('setAdmin'))) {
				if($user['id'] == $this->request->params['pass'][0]){
					return false;
				}
			}
			return true;
		} 
		if (in_array($this->action, array('view', 'edit', 'delete', 'changePassword'))) {
			if($user['username'] != $this->request->params['pass'][0]){
				return false;
			}
			return true;
		} 
		if(in_array($this->action, array('logout'))) {
			return true;
		}
		return false;
	}
	
	public function login() {
		$this->set('title_for_layout', 'Użytkownik - logowanie');
		
		if($this->request->is('post')) {
			$user = $this->User->find('first', array('conditions'=>array('username'=>$this->request->data['User']['username'])));
			if($user) {
				if(!($this->Auth->password($this->request->data['User']['password']) == $user['User']['password'])) {
					$this->Session->setFlash('Podane hasło jest niepoprawne.', 'flash_failure');
					$this->redirect(array('action' => 'login'));
				}				
				if(!$user['User']['activated']) {
					$this->Session->setFlash('Twoje konto nie zostało aktywowane. Prosimy spróbować ponownie później lub skontaktować się z administracją.', 'flash_failure');
					$this->redirect(array('action' => 'login'));	
				}
			}			
			if ($this->Auth->login()) {
				$this->Session->setFlash('Zalogowano.', 'flash_success');
				//$this->redirect($this->Auth->redirect());
				$this->redirect($this->Auth->redirect(array('controller' => 'pages', 'action' => 'display', 'home')));	
			} else {
				$this->Session->setFlash('Niepoprawne dane.', 'flash_failure');
			}
		}
	}
	
	public function logout() {
		$this->Session->setFlash('Użytkownik wylogowany.', 'flash_success');
		$this->redirect($this->Auth->logout());
		
	}

	public $paginate = array('limit'=>10);
	/*$this->paginate = array(
       	'User' => array(
      		'limit' => 10
      	)
    );*/

	public function index() {
		$this->set('title_for_layout', 'Użytkownik - lista użytkowników');
		$data = $this->paginate('User');
		$this->set('users', $data);
		
		if ($this->request->is('post') || $this->request->is('put')) {
			$user = $this->request->data;
			$user = $this->User->find('first', array('conditions'=>array('username'=>$user['User']['username'])));
			if($user){
				$this->redirect(array('action'=>'view', $user['User']['username']));
			} else {
				$this->Session->setFlash('Nie ma takiego użytkownika.', 'flash_failure');
			}
			
		}
	}
	
	public function indexActivation() {
		$this->set('title_for_layout', 'Użytkownik - aktywacja');
		$data = $this->paginate('User', array('activated'=>'0'));
		$this->set('users', $data);
	}
	
	public function activate($id = null) {
		$this->User->id = $id;
		$this->User->set('activated', 'true');
		$this->User->save();
		$this->redirect(array('action'=>'indexActivation'));
	}
	
	public function setAdmin($id = null, $role = 'regular') {
		$this->User->id = $id;
		$user = $this->User->read();
		if(!($user['User']['role']=='superAdmin')) {
			$this->User->updateAll(
				array('User.role'=>"'$role'"),
				array('User.id'=>$id)
			);
			if($role == 'admin'){
				$this->Session->setFlash('Nadano prawa administratora.', 'flash_success');
			} else {
				$this->Session->setFlash('Odebrano prawa administratora.', 'flash_success');
			}
		} else {
			$this->Session->setFlash('Nie można zdjąć praw administratora dla SuperAdministratora.', 'flash_failure');
		}
		$this->redirect(array('action'=>'view', $user['User']['username']));
	}
	
	public function view($username = null) {
		$this->set('title_for_layout', 'Użytkownik - profil');
		
		$user = $this->User->find('first', array('conditions'=>array('username'=>$username)));		
		if (!$user) {
			$this->redirect(array('action' => 'index'));
		}
		$this->set('user', $user);
	}
	
	public function create() {
		$this->set('title_for_layout', 'Użytkownik - rejestracja');
		
		if(!$this->isAdmin() && $this->Auth->loggedIn()){
				$this->Session->setFlash('Jesteś już zalogowany. Nie można utworzyć nowego konta', 'flash_failure');
				$this->redirect(array('controller' => 'pages', 'action' => 'display', 'home'));
		}
		if ($this->request->is('post')) {
			$this->User->set($this->data);
			if (!$this->User->find('count')) {
				$this->User->set(array(
										'activated'=>'true',
										'role'=>'superAdmin'));
			}
			if($this->User->save($this->request->data)) {
				if ($this->isAdmin()){
					$this->Session->setFlash('Użytkownik został dodany.', 'flash_success');
					$this->redirect(array('action'=>'index'));
				} else {
					$this->Session->setFlash('Rejestracja zakończona.', 'flash_success');
					$this->redirect(array('controller' => 'pages', 'action' => 'display', 'home'));
				}
				
			} else {
				if ($this->isAdmin()){
					$this->Session->setFlash('Nie udało się dodać użytkownika.', 'flash_failure');
				} else {
					$this->Session->setFlash('Rejestracja nie powiodła się.', 'flash_failure');
				}
			}
		}
	}
	
	public function delete($username = null) {
		$user = $this->User->find('first', array('conditions'=>array('username'=>$username)));
		if (!$user) {
			$this->Session->setFlash('Nie ma takiego użytkownika.', 'flash_failure');
			$this->redirect(array('action'=>'index'));
		}
		if (in_array($user['User']['role'], array('admin', 'superAdmin'))) {
			$this->Session->setFlash('Nie można usunąć konta administratora.', 'flash_failure');
			$this->redirect(array('action'=>'index'));
		}
		$this->User->id = $user['User']['id'];
		if ($this->User->delete()) {
			$this->Session->setFlash('Użytkownik usunięty.', 'flash_success');
			if($this->isAdmin()) {
				$this->redirect(array('action'=>'index'));
			}
			$this->redirect($this->Auth->logout());
		}
		$this->Session->setFlash('Nie udało się usunąć użytkownika.', 'flash_failure');
		$this->redirect(array('action' => 'index'));
	}
	
	public function edit($username = null) {
		$this->set('title_for_layout', 'Użytkownik - edycja');
		
		$user = $this->User->find('first', array('conditions'=>array('username'=>$username)));
		$this->User->id = $user['User']['id'];
		$this->set('user', $user);

		if ($this->request->is('post') || $this->request->is('put')) {
			if ($this->User->save($this->request->data)) {
				$this->Session->setFlash('Zapisano zmiany.', 'flash_success');
				$this->redirect(array('action' => 'index'));
			} else {
				$this->Session->setFlash('Nie udało się zapisać. Proszę spróbować ponownie.', 'flash_failure');
			}
		} else {
			$this->request->data = $this->User->read();
		}
	}
	
	public function changePassword($username = null) {
		$this->set('title_for_layout', 'Użytkownik - zmiana hasła');
		
		$user = $this->User->find('first', array('conditions'=>array('username'=>$username)));
		$this->User->id = $user['User']['id'];
		$this->set('userId', $user['User']['id']);

		if ($this->request->is('post') || $this->request->is('put')) {
			if ($this->User->save($this->request->data)) {
				$this->Session->setFlash('Hasło zmieniono.', 'flash_success');
				
			} else {
				$this->Session->setFlash('Nie udało się zmienić hasła. Proszę spróbować ponownie.', 'flash_failure');
			}
			$this->redirect(array('action' => 'view', $user['User']['username']));
		}
	}
}
